Multiple Greeting Card Scams
We did get reports about a couple of greeting card scams. They use different
domains (bluemountain.com, 123greetings.com). It is important to note that
these scams use different domains. If you include greeting card scams in your
awareness training, make sure to point out that they may use less known domain
names as well.
Yesterday's diary pointed out the release of Netscape 8.0. Well, today AOL
released a security update (version 8.01). Please make sure you download it.
While initial reports of >40 bugs turned out to be inflated, there are still a few issues (about 3-5) that are fixed in 8.01.
MSFT Time Server
We have one report and some personal observations that the default Microsoft time server (time.windows.com) is having problems. If you are using this time server (it is the default time server for Windows XP installs), make sure you are still able to connect, or let us know if you see any error messages.
Sober deadline for next monday
The version of Sober responsible for last weeks outbreak of German spam is said to trigger some as of now unknown payload on Monday, May 23rd. If you know what it will do, let us know. The messages are believed to relate to this weekends
elections in one of Germany's larger states.
Pharming: Does it exist? We do get ongoing requests for statistics about actual "Pharming Attacks". So far, the response has been easy: "None". While the DNS cache poisoning attack from a few months ago has been called "pharming" by some, it wasn't according to our definition of the term, as it did not attempt to spoof a bank site to obtain passwords. However, pharming is a rather new term, and like other new terms it may stretch itself until it finds a purpose.
jullrich@';drop table email;'sans.org'
I will be teaching next: Intrusion Detection In-Depth - SANS Las Vegas Spring 2020
May 20th 2005
1 decade ago